﻿// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.


using IdentityServer4.Models;
using System.Collections.Generic;
using IdentityServer4;
using IdentityModel;

namespace IDS4.AuthCenter
{
    public static class Config
    {
        public static IEnumerable<IdentityResource> IdentityResources =>
            new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
                //new IdentityResource("roles","角色",new List<string>{JwtClaimTypes.Role}), //new List<string>{"role"}


                //new IdentityResource("locations","地点",new List<string>{"location" })
            };

        public static IEnumerable<ApiResource> ApiResources =>
            new ApiResource[]
            {
                new ApiResource("orderApi","订单服务")
                {
                    ApiSecrets ={ new Secret("orderApisecret".Sha256()) },
                    Scopes = { "orderScope" }
                },
                new ApiResource("productApi","产品服务")
                {
                    ApiSecrets ={ new Secret("productApisecret".Sha256()) },
                    Scopes = { "productScope" }
                },
                      //api 端访问呢
               // api中要用到 locations ，添加 下面， api就可以访问到
                //new ApiResource("api1","My API #1", new List<string> { "location" })//, new List<string> { "location" }
                //{
                //    Scopes={ "api1"},
                //    ApiSecrets = { new Secret("secret".Sha256()) },
                //    //DisplayName="api1"
                //},

            };

        public static IEnumerable<ApiScope> ApiScopes =>
            new ApiScope[]
            {
                new ApiScope("orderScope"),
                new ApiScope("productScope"),
               // new ApiScope("api1")
            };

        public static IEnumerable<Client> Clients =>
            new Client[]
            {
                new Client
                {
                    ClientId = "webclient",
                    ClientName = "WebClient",

                    AllowedGrantTypes = GrantTypes.Code,
                    ClientSecrets = { new Secret("webclient".Sha256()) },


                    RedirectUris = { "https://www.liujian520.asia/signin-oidc" },//7149
                    FrontChannelLogoutUri = "https://www.liujian520.asia/signout-oidc",
                    PostLogoutRedirectUris = { "https://www.liujian520.asia/signout-callback-oidc" },
                     AllowedCorsOrigins = new List<string>
                    {
                        "https://www.liujian520.asia"
                    },
                    AllowedScopes = new [] {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "orderScope", "productScope"//,"api1"
                    },
                    AllowAccessTokensViaBrowser = true,
                    //AccessTokenLifetime=10,

                    //AuthorizationCodeLifetime=10,

                    //IdentityTokenLifetime=10,
                    //RequireConsent = true,//是否显示同意界面
                    //AllowRememberConsent = false,//是否记住同意选项
                },
 


                new Client
                {
                    ClientId = "postman client",
                    ClientName = "Postman Client",

                    AllowedGrantTypes = GrantTypes.ClientCredentials,
                    ClientSecrets = { new Secret("postman client secret".Sha256()) },

                    AllowedScopes = new [] {"orderApiScope", "productApiScope"},
                },
            };
    }
}